<?php

include 'config/mysql.php';
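// Request dispatcher for the user-facing actions: register (zc), log in, change
// password, top up the balance, place an order and log out.
//
// select(), addsql(), update(), error(), success() and $pdo come from
// config/mysql.php, which is not visible here. $pdo is presumably a PDO handle
// (this script already called $pdo->exec()) -- confirm.
//
// Security notes for maintainers:
//  - Every query below that takes request data is parameterised; request values
//    are never concatenated into SQL text.
//  - NOTE(review): passwords are stored and compared in plaintext. Moving to
//    password_hash()/password_verify() needs the column width and the other
//    writers of user.password to be checked first, so it is not done here.
//  - NOTE(review): none of the state-changing actions carries a CSRF token, and
//    'addorder' changes state on a GET request.

$type = (isset($_REQUEST['type']) && is_string($_REQUEST['type'])) ? $_REQUEST['type'] : '';
// Drop the dispatcher key so it is not forwarded with the submitted form fields.
unset($_POST['type']);
unset($_GET['type']);
if (empty($type)) {
    error('index.php', '参数错误');
    // error() is defined elsewhere; stop explicitly so the guard holds even if it returns.
    exit;
}

// Runs a parameterised statement; returns the executed statement, or null on failure.
$runQuery = function ($sql, array $params) use ($pdo) {
    $stmt = $pdo->prepare($sql);
    if ($stmt === false || !$stmt->execute($params)) {
        return null;
    }
    return $stmt;
};

// Returns a POST field only when it is a plain string (rejects name[]=... arrays).
$postString = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : null;
};

// Stops the request unless a user is logged in.
$requireLogin = function () {
    if (empty($_SESSION['h_id'])) {
        error('index.php', '请先登录');
        exit;
    }
};

switch ($type) {
    // User registration
    case 'zc':
        $name = $postString('name');
        if ($name === null) {
            error('zc.php', '参数错误');
            exit;
        }
        $stmt = $runQuery('select * from user where name = ? limit 1', array($name));
        $user = $stmt ? $stmt->fetch(PDO::FETCH_ASSOC) : false;
        if ($user) {
            error('index.php', '用户名存在了');
            exit;
        }

        // The whole form is inserted, so the client chooses the columns. Keep only
        // identifier-shaped keys with string values, and never let the request set
        // the primary key or the account balance.
        // NOTE(review): addsql() is not visible here; if it builds SQL by string
        // interpolation, the values must be bound or escaped inside that helper.
        $fields = array();
        foreach ($_POST as $column => $value) {
            $column = (string) $column;
            if (!is_string($value) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $column)) {
                continue;
            }
            if (in_array(strtolower($column), array('id', 'price'), true)) {
                continue;
            }
            $fields[$column] = $value;
        }

        $res = addsql('user', $fields);
        if ($res) {
            success('index.php', '注册成功');
        } else {
            error('zc.php', '注册失败');
        }
        break;

    // User login
    case 'login':
        $name = $postString('name');
        $password = $postString('password');
        $user = false;
        if ($name !== null && $password !== null) {
            $stmt = $runQuery(
                'select * from user where name = ? and password = ? limit 1',
                array($name, $password)
            );
            $user = $stmt ? $stmt->fetch(PDO::FETCH_ASSOC) : false;
        }
        if ($user) {
            // Issue a fresh session id on login so a pre-set id cannot be reused.
            if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
                session_regenerate_id(true);
            }
            $_SESSION['h_id'] = $user['id'];
            $_SESSION['h_name'] = $user['name'];
            success('index.php', '登录成功');
        } else {
            error('login.php', '账号或密码错误');
        }
        break;

    // User changes their own password
    case 'mypassword':
        $requireLogin();
        $current = $postString('password');
        $replacement = $postString('passwordto');
        if ($current === null || $replacement === null) {
            error('mypassword.php?class=mypassword', '参数错误');
            exit;
        }
        $stmt = $runQuery('select * from user where id = ? limit 1', array($_SESSION['h_id']));
        $info = $stmt ? $stmt->fetch(PDO::FETCH_ASSOC) : false;
        // hash_equals() compares exact bytes; the former loose == treated
        // numeric-looking strings such as "0e1" and "0e2" as equal.
        if ($info && hash_equals((string) $info['password'], $current)) {
            $runQuery('update user set password = ? where id = ?', array($replacement, $_SESSION['h_id']));
            success('my.php', '密码修改成功');
        } else {
            error('mypassword.php?class=mypassword', '原始密码不正确');
        }
        break;

    // User tops up their balance
    case 'addprice':
        $requireLogin();
        $raw = $postString('price');
        $amount = ($raw !== null && is_numeric($raw)) ? (float) $raw : 0.0;
        // Only a finite, positive amount may be added to the balance.
        if (!is_finite($amount) || $amount <= 0) {
            error('myprice.php?class=myprice', '充值失败');
            exit;
        }
        $stmt = $runQuery('update user set price = price + ? where id = ?', array($amount, $_SESSION['h_id']));
        if ($stmt && $stmt->rowCount() > 0) {
            success('myprice.php?class=myprice', '充值成功');
        } else {
            error('myprice.php?class=myprice', '充值失败');
        }
        break;

    // User places an order for one item
    case 'addorder':
        $requireLogin();

        // The goods id ends up in SQL, so accept nothing but a positive integer.
        $goodsId = isset($_GET['id']) ? filter_var($_GET['id'], FILTER_VALIDATE_INT) : false;
        if ($goodsId === false || $goodsId <= 0) {
            error('index.php', '购买失败');
            exit;
        }

        // NOTE(review): the balance check that used to sit here was commented out,
        // so an order neither verifies nor deducts user.price, and the stock
        // counter below can drop under zero.
        $res = addsql('myorder', array(
            'g_id' => $goodsId,
            'u_id' => $_SESSION['h_id'],
            'createtime' => date('Y-m-d H:i:s', time()),
        ));
        if ($res) {
            $runQuery('update goods set num = num - 1 where id = ?', array($goodsId));

            success('index.php', '购买成功');
        } else {
            error('index.php', '购买失败');
        }
        break;

    // Log out
    case 'out':
        unset($_SESSION['h_id']);
        unset($_SESSION['h_name']);
        success('index.php', '退出登录成功');
        break;
}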
